Articles about Security

Microsoft Malware Protection Center helps take down Ramnit botnet

Microsoft Malware Protection Center helps take down Ramnit botnet

Ramnit, a botnet that infected millions of computers around the world, has been tamed, thanks in part to Microsoft Malware Protection Center. The takedown operation was a collaboration between Microsoft, Europol, Symantec and others, and it successfully stopped the malware which worked by disabling virus protection before stealing banking details and personal information from infected machines.

With an estimated 3.2 million computers infected globally, Ramnit has been used by cybercriminals the world over, but the majority of infections were found in Britain. The botnet was brought under control by shutting down several servers used by the group responsible for Ramnit.

Continue reading

Data classification is the key to protecting information

files folders magnifying glass security scanning antivirus

Although organizations are increasingly concerned about data protection many of them don’t have the appropriate tools in place to secure their information.

According to a new report from data loss prevention specialists Boldon James compiled by Bloor Research, although over half of organizations see data security as a major concern 47 percent say they don't have a data classification tool.

Continue reading

Vulnerable mobile apps are not being patched -- millions of people at risk


Vulnerabilities in software are a fact of life; only a fool would say any code or method is perfect. The moment you fall into that trap of dangerous thinking, you have let your guard down.

So while vulnerabilities will happen, and must be accepted, how the developer responds to the flaw is the true test and measure of its security. In other words, if a vulnerability should always be expected, so too should a prompt patch to fix it. Sadly, McAfee Labs finds in a new study that this is not the case. Many insecure and vulnerable apps are found to not be patched, months after the flaw-discovery. Yes, months.

Continue reading

The billion dollar Carbanak bank heist could have been easily avoided


This month, the $1 billion bank heist affecting up to 100 financial institutions has highlighted a growing gulf of miscommunication between chief executives of large organizations and their IT departments.

Kaspersky Lab reports that, working with international law enforcement agencies Interpol and Europol, it discovered that the gang, dubbed Carbanak, used malware enabling it to see and record everything that happened on staff’s screens. These and other recent high profile cyber-attacks, such as that which recently saw 76 million customer accounts hacked at financial institution JPMorgan Chase, are forcing organizations such as banks to examine why cyber criminals see them as easy pickings. Some are rapidly reaching the conclusion that they need to plug any security holes not only in their own networks but also in those of their advisers and partner companies.

Continue reading

Old threats still dominate the security landscape

old computers

Most of the biggest IT security risks aren't new but are threats that have been around for years or even decades.

This is one of the findings of the latest HP Cyber Risk Report published today which looks at pressing security issues facing enterprises during the previous year and indicating likely trends for 2015.

Continue reading

Despite hack by NSA and GCHQ, Gemalto's SIM cards are safe, says the company

SIM Card Phone Smartphone

Gemalto, the world’s largest producer of SIM cards, which made headlines last week for reportedly gettings its encryption keys stolen by the mighty NSA and GCHQ spying agencies, says its SIM cards, as well as banking cards, passports and other products are secure, a conclusion it reached after conducting a round of initial investigations.

The Intercept published a detailed report last week based on confidential documents it gleaned from whistleblower Edward Snowden, in which it revealed that America’s NSA and UK’s GCHQ hacked the systems at Gemalto to steal the encryption keys. By getting access to the keys, the agencies were able to directly tap phone calls, and monitor messages, among other things, on millions of mobile phones.

Continue reading

OS X, iOS and Linux have more vulnerabilities than Windows

OS X, iOS and Linux have more vulnerabilities than Windows

It might come as something of a surprise, but Windows is more secure than not only Apple's iOS and OS X, but also Linux. I'll just let that sink in for a moment...

Windows, the operating system ridiculed for its vulnerabilities and susceptibility to viruses is actually more secure than the supposedly Fort Knox-like Linux and OS X. This startling fact comes from the National Vulnerability Database (described as the "US government repository of standards based vulnerability management data") which details security issues detected in different operating systems and software titles.

Continue reading

Lenovo redeems itself with open source Superfish removal tool


What do you do when you are facing scrutiny in the media? Damage control. You see it all the time with celebrities. A famous actor or musician does something wacky or stupid and ends up crying to Oprah, or going to rehab.

If you are a respected computer manufacturer, what do you do to fix a tarnished image? Open source. Nothing makes computer nerds more giddy than hearing that software is open source and the source code is available to investigate. Today, Lenovo releases an official open source Superfish removal tool under the Mozilla Public License.

Continue reading

NSA and GCHQ hacked world's biggest SIM card manufacturer to steal your data

SIM Card Phone Smartphone

In mid-2013, Edward Snowden revealed that the government-backed agency NSA monitored everything happening on the Internet, including spying on individuals' phone calls, messaging, and emails to glean information and pinpoint suspicious activities in an attempt to stop the growing terrorist acts.

Since the revelations -- which changed everyone's perspective on privacy -- the leaked information from Snowden and acceptance from major technology companies have given us an understanding of how the NSA managed to get our data from the services we heavily rely on. Essentially, either providers agreed to turn over our data or the NSA found another way, a backdoor, to obtain it. But how it manage to tap our phone calls was mostly unclear. Last year, Vodafone did acknowledge that it allowed the NSA to place surveillance tools inside its data centers. But as it turns out, the agency had more ways to log our phone activities.

Continue reading

Lenovo loads dangerous Superfish adware onto new computers -- this fish stinks


Buying a new Windows computer can be a really fun moment. When you say goodbye to your aging and slow machine, and start fresh with a new model, everything seems faster and peppier. Unfortunately, many manufacturers pre-load unwanted software on these computers, causing headaches and wasted time for the consumer. It can take hours to uninstall all of the stuff you do not want.

Sadly, Lenovo has crossed a line when it comes to this practice. Along with all the the usual added software (bloatware), was a piece of adware called Superfish. From a security standpoint, it could potentially put customer data at risk with man in the middle attacks, which in turn threatens the manufacturer's reputation.

Continue reading

Large enterprises targeted by mobile Trojans


Mobile cyber threats are more common and more sophisticated than ever before, with a number of high profile threats in the past year.

According to a new report from security companies Check Point and Lacoon Mobile Security, this means mobile devices are growing into a serious threat to the enterprise.

Continue reading

Fighting cyber threats hampered by disconnect between IT and business

cyber security

A disconnect between systems leaders and business leaders coupled with a lack of resources is keeping enterprises from properly addressing cyber threats.

This is according to a new study commissioned by defense and security company Raytheon and conducted in conjunction with the Ponemon Institute.

Continue reading

SOAP vulnerability leaves Netgear routers open to hackers

SOAP vulnerability leaves Netgear routers open to hackers

Owners of Netgear routers are warned that their wireless security keys and admin password could be accessed by hackers. A security vulnerability has been found in the SOAP service embedded in some Netgear network devices that could be abused with specially designed HTTP requests.

Routers can be tricked into executing commands even if they originate from an unauthenticated session, potentially exposing sensitive information to hackers. For anyone with remote management enabled on their router, there is the added worry that all of this could be carried out by someone without physical access, or who is not in close proximity, to the network. A number of Netgear routers are affected.

Continue reading

Samsung lied -- its smart TV is indeed spying on you and it is doing nothing to stop that

Hulu Plus Samsung TV

About 70 years ago, English novelist George Orwell wrote 1984, a controversial novel which visioned of a fictional dystopian place called Oceania where people had no real privacy. As Orwell described, residents of Oceania had two-way telescreens so that they may be watched or listened to by government authorities. The book was written way ahead of its time, and while it didn't make much sense back then, a lot of assumptions Orwell made in 1984 are coming true now.

Samsung's smart TVs are in the news once again. Not for impressive sales figures -- something the South Korean technology conglomerate would definitely appreciate -- but for jeopardizing its users’ privacy.

Continue reading

Your Android device may be spying on you even when it's 'off'


Much is made of the "Android malware problem", but the truth is, there isn't a very bad problem. That does not mean there is no problem though. Visuses for Google's mobile platform do exist and some folks manage to let phones and tablets contract a virus. Now a new and interesting bug seems to be floating around.

According to security software maker AVG this latest malware comes with a unique feature -- it can spy on you when you think your device is shut off. It does so by mimicking the shutdown screen, but not actually powering off the handset.

Continue reading

© 1998-2015 BetaNews, Inc. All Rights Reserved. Privacy Policy.